Now that duty of care is high on the corporate agenda,
trip-approval systems need to factor it in. Focusing purely on the budget
aspects of corporate travel could put business travelers and, in turn, their
organizations at serious risk.
Plus, a risk-based trip-approval system can do far more than
just accept or reject trips. It can:
- Capture trips to high-risk zones and alert the
necessary stakeholders, who then can direct a trip to be canceled or
rescheduled; approve the trip but only with additional support, security and
training; or take some other course of action
- Ensure the correct workflow of approval by the
relevant individuals
- Act as an audit trail, allowing corporates to
demonstrate their fulfilment of duty of care
Budgets that are set at the beginning of the year can be
tied into travel policy guidelines, and similarly, companies can define risk
policies in order to give corporate travelers and travel managers guidance.
However, the risk landscape can change on a daily or even hourly basis. You
can’t set risk levels for every global region and expect them to remain static
for a whole 12 months.
Even countries deemed low risk can fall prey to dynamic
threats like attacks and natural catastrophes with scant notice. Within any
country, region or area, risks may also vary considerably.
Under duty of care and health and safety legislation, it can
be illegal to put the onus on the individual business traveler to take a view
on the complex global risk landscape armed only with the company travel policy
and a list of approved safe areas. Organizations have a duty not just to set
clear policies for employees and others who are traveling on company business
under their care but to do due diligence to mitigate risk prior to travel.
But Trip Approvals Are Such an Admin Burden
In order for a trip-approval system that factors in risk
management to work, it must be as easy as possible for both the traveler and
the travel approver, with high levels of automation.
The ideal solution automatically will cross-match trip
details against dynamic risk data from a reliable risk management platform. A
trip to a higher-risk area would trigger an alert to the relevant manager.
Managers then could approve, reject or request changes based
on organizational policies and other mitigating factors. For approved trips,
the company could brief the traveler on additional precautions or order
pre-trip training. Trips booked to lower-risk areas would pass through the
approval system automatically, freeing approvers’ time to focus on the
higher-risk exceptions.
Pre- or Post-Booking Trip Approval?
Some companies require trip approvals to occur pre-booking
in order to avoid potential cancellation fees. However, pre-booking travel
authorization can be painful for the traveler and laborious for travel and
security managers, adding administration and potential delays, all of which
have their own cost implications.
The post-booking approach, though, doesn’t hold up the
process, but the downside is that a booked trip must be canceled if it is not
approved. In reality, though, the number of trips needing to be canceled or
amended is extremely low.
The post-booking method also allows for far greater
automation. By connecting directly with global distribution systems, a
post-booking trip-approval tool can pick up a traveler’s trip data without any
additional data entry by the traveler. It also ensures that the approval is
based on actual booking data, providing far greater accuracy and far less
likelihood that details will change.
Ultimately, the pre- versus post-booking authorization
decision will depend on the type and size of the individual organization. Based
on internal studies with Anvil clients, the post-booking method does appear to
be more effective for larger organizations.
Regardless, one thing is clear: While budget control will
certainly continue to be critical for business travel, the security of people
is a fundamental component of operational resilience, and risk assessment and
mitigation must be key elements in any travel-authorization process.